← Back
CWE-352

9,314 CVEs • Abstraction: Compound • Likelihood of Exploit: Medium

Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

JSON object

Loading...

CVEs (9,314)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-51645
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in themefusecom ThemeFuse Maintenance Mode themefuse-maintenance-mode allows Stored XSS.This issue affects ThemeFuse Maintenance Mode: from n/a through <= 1.1.3.
CVE-2024-51644
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in samwilson Addressbook addressbook allows Stored XSS.This issue affects Addressbook: from n/a through <= 1.1.3.
CVE-2024-51643
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in ragaskar Amazon Associate Filter amazon-associate-filter allows Stored XSS.This issue affects Amazon Associate Filter: from n/a through <= 0.4.
CVE-2024-51642
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in ivan9146 Seo Free seo-free allows Stored XSS.This issue affects Seo Free: from n/a through <= 1.4.
CVE-2024-51641
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Juan Camilo Advanced PDF Generator advanced-pdf-generator allows Stored XSS.This issue affects Advanced PDF Generator: from n/a through <= 0.4.0.
CVE-2024-51640
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Matt Rude MDR Webmaster Tools mdr-webmaster-tools allows Stored XSS.This issue affects MDR Webmaster Tools: from n/a through <= 1.1.
CVE-2024-51639
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Hints Naver Blog naver-blog-api allows Stored XSS.This issue affects Naver Blog: from n/a through <= 1.0.
CVE-2024-51638
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Sanjeev Mohindra Awesome Shortcodes For Genesis awesome-shortcodes-for-genesis allows Stored XSS.This issue affects Awesome Shortcodes For Genesis: from n/a through 1.1....Show more
Cross-Site Request Forgery (CSRF) vulnerability in Sanjeev Mohindra Awesome Shortcodes For Genesis awesome-shortcodes-for-genesis allows Stored XSS.This issue affects Awesome Shortcodes For Genesis: from n/a through 1.1.8.Show less
CVE-2024-51637
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in sroyalty Admin SMS Alert admin-sms-alert allows Stored XSS.This issue affects Admin SMS Alert: from n/a through <= 1.1.0.
CVE-2024-51636
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Z.com byGMO GMO Social Connection gmo-social-connection allows Cross-Site Scripting (XSS).This issue affects GMO Social Connection: from n/a through <= 1.2.
CVE-2024-51635
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Garmur While Loading while-it-is-loading allows Stored XSS.This issue affects While Loading: from n/a through <= 3.0.
CVE-2024-51634
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in a.ankit Webriti Custom Login webriti-custom-login-page allows Reflected XSS.This issue affects Webriti Custom Login: from n/a through <= 0.3.
CVE-2024-51633
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in ivycat Simple Page Specific Sidebars page-specific-sidebars allows Stored XSS.This issue affects Simple Page Specific Sidebars: from n/a through <= 2.14.1.
CVE-2024-51632
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Sam Hoe SH Slideshow sh-slideshow allows Stored XSS.This issue affects SH Slideshow: from n/a through <= 4.3.
CVE-2024-51631
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Md Eftakhairul Islam Sticky Social Bar sticky-social-bar allows Cross Site Request Forgery.This issue affects Sticky Social Bar: from n/a through <= 2.0.
CVE-2024-50534
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in techdabang World Prayer Time world-prayer-time allows Stored XSS.This issue affects World Prayer Time: from n/a through <= 2.0.
CVE-2024-50533
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
7.1 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in David Garcia Domain Sharding domain-sharding allows Stored XSS.This issue affects Domain Sharding: from n/a through <= 1.2.1.
CVE-2024-43338
-
-
Jun 17, 2026
Nov 19, 2024
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Automattic Crowdsignal Dashboard – Polls, Surveys & more polldaddy allows Cross Site Request Forgery.This issue affects Crowdsignal Dashboard – Polls, Surveys & more: fr...Show more
Cross-Site Request Forgery (CSRF) vulnerability in Automattic Crowdsignal Dashboard – Polls, Surveys & more polldaddy allows Cross Site Request Forgery.This issue affects Crowdsignal Dashboard – Polls, Surveys & more: from n/a through <= 3.1.3.Show less
CVE-2024-52424
1Sureshkumar
1Wp Login Customizer
Jun 17, 2026
Nov 18, 2024
N/A· v4
6.1 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in sureshdsk wp-login customizer wp-login-customizer allows Stored XSS.This issue affects wp-login customizer: from n/a through <= 1.0.
CVE-2024-48962
1Apache
1Ofbiz
Jun 17, 2026
Nov 18, 2024
8.9 HIGH· v4
8.8 HIGH· v3
N/A· v2
Improper Control of Generation of Code ('Code Injection'), Cross-Site Request Forgery (CSRF), : Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz. This issue affects Apa...Show more
Improper Control of Generation of Code ('Code Injection'), Cross-Site Request Forgery (CSRF), : Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache OFBiz. This issue affects Apache OFBiz: before 18.12.17. Users are recommended to upgrade to version 18.12.17, which fixes the issue.Show less